Let's Encrypt SSL error generating one for MX

Hello folks,
I was trying to make my own email server in order to send email like test@site.com
I currently own only on record A with is @ mysite.com.

my old Let’s Encrypt SSL was on: mysite.com and www.mysite.com. but now I want mail.mysite.com.
using virtualmin on the let’s encrypt tab I generate an ssl for: mysite.com and www.mysite.com mail.mysite.com.
And I got this error note that I did it only once so I’m not temporally blocked my Let’s Encrypt.


Requesting a certificate for mysite.com, www.mysite.com, mail.mysite.com from Let’s Encrypt …
… request failed : Web-based validation failed :

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for mail.mysite.com
Using the webroot path /home/mysite/public_html for all unmatched domains.
Waiting for verification...
Challenge failed for domain mail.mysite.com
http-01 challenge for mail.mysite.com
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
 - The following errors were reported by the server:


   Domain: mail.mysite.com
   Type:   dns
   Detail: DNS problem: NXDOMAIN looking up A for mail.mysite.com
   - check that a DNS record exists for this domain

DNS-based validation failed :

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Renewing an existing certificate
Performing the following challenges:
dns-01 challenge for mail.mysite.com
Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl
Waiting for verification...
Challenge failed for domain mail.mysite.com
dns-01 challenge for mail.mysite.com
Cleaning up challenges
Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl
Some challenges have failed.
IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: mail.mysite.com
   Type:   dns
   Detail: DNS problem: NXDOMAIN looking up TXT for
   _acme-challenge.mail.mysite.com - check that a DNS record
   exists for this domain

How could I fix this error?
Thanks

I don’t know how that error could be more clear?

You don’t have an A record for a name you tried to issue a certificate for. If you don’t want mail.domain.tld to be part of the certificate don’t include it. It obviously cannot be part of the certificate if you haven’t made a record for it in your DNS server (if you host DNS in Virtualmin, it knows what records exist, if you host DNS elsewhere, you need to manage that yourself).

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.